Researchers develop a new framework to detect and recover complicated cyberattacks

Cyber-physical systems (CPSs) that combine modern networking with physical actuators can be vulnerable to hackers. Researchers have recently created a new architecture for CPSs that is immune to a sophisticated kind of cyberattack. Unlike existing methods, the proposed strategy makes it possible to track and recover from an attack in real time while maintaining safe operation. This paves the way for safe and stable CPSs across different application domains, such as smart cities and unmanned public transport.

Cyber protection is the practice of protecting computers, routers, handheld devices, electronic services, networks, and data against malicious attacks. Cyberattacks continue to rise in complexity and size. Looking back at the “new year forecasts” from early 2020, none of them gives a nod to an unforeseen worldwide pandemic that would shut down, in several respects, the way we function and set a new standard.

Cybersecurity remains a core concern for countries, organizations, and individuals. In 2015, hackers breached the corporate network of Ukraine’s power grid and injected malware that sparked a major power outage. Such cyber threats, along with the risks to the societies these systems serve, could become more frequent as the number of cyber-physical systems (CPSs) grows.

Researchers develop a new approach to detect and recover from sophisticated cyberattacks in real time. This paves the way for secure and reliable CPSs across various application domains, such as smart cities and unmanned public transportation.

A CPS is any network-controlled device containing physical elements that interact with the real world in a tangible way. CPSs are extremely common in industry, particularly where robotics or similar automated machines are incorporated into the production line. However, as CPSs find their way into social infrastructure such as public transport and energy management, it becomes much more important to be able to effectively combat different forms of cyberattacks.

In a recent study published in IEEE Transactions on Industrial Informatics, researchers at the Daegu Gyeongbuk Institute of Science and Technology (DGIST), Korea, have established an architecture for CPSs that is robust against a sophisticated cyberattack: a pole-dynamics attack (PDA). In a PDA, the hacker connects to a node in the CPS network and injects fake sensor data. Without accurate readings from the sensors of the system’s physical elements, the control signals sent to the physical actuators by the control algorithm are inaccurate, causing the actuators to fail and to behave in unintended, potentially dangerous ways.


The need for real-time awareness of an organisation’s security status is becoming increasingly apparent. With the accelerated transition to cloud servers, the popularity of network-connected smartphones, and the shift to remote work, organisations have had to rapidly change their security protocols to ensure that they are protected at all times, from every remote location from which they communicate. This is now the new defense perimeter.

To address PDAs, the researchers used a technique known as software-defined networking (SDN), which makes the CPS network more complex by relaying signals through controllable SDN switches. In addition, the proposed solution depends on a novel attack-detection algorithm implemented in the SDN switches, which can raise an alert to the centralized network manager if false sensor data is injected.

Cyber threats have reached a new degree of maturity, ranging from foreign espionage and major infringements of personal privacy to large-scale destruction of the Internet. Advanced weapons-grade malware capabilities have been leaked, enabling criminals to move quickly and infect massive numbers of companies and organisations across vast geographic regions. Big, multi-vector mega-attacks have given rise to the need for advanced and coherent defense systems.

Once the network manager has been alerted, it not only cuts off the cyber intruder by pruning the infected nodes, but also sets a new protected path for the sensor data. “Existing studies have concentrated only on the detection of attacks, but do not understand the consequences of detection and recovery in real time,” explains Professor Kyung-Joon Park, who led the research. “At the same time, we found these variables in our analysis to clarify their effect on real-time results and to ensure reliable CPS activity.”
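The recovery step described above (prune the flagged nodes, then choose a new path for the sensor data) can be sketched as follows. This is an added example, not code from the DGIST study: the topology, the latencies, the control deadline and the fail-safe branch are constructed assumptions, and the alerts are taken as already raised by the switches.

```python
import heapq

# Constructed topology (not from the paper): link latencies in milliseconds.
LINKS = {
    ("sensor", "s1"): 1, ("sensor", "s2"): 2,
    ("s1", "s3"): 1, ("s2", "s3"): 2, ("s2", "s4"): 2,
    ("s3", "controller"): 1, ("s4", "controller"): 3,
}

def build_graph(links, pruned=frozenset()):
    """Adjacency map of the network with pruned (isolated) nodes left out."""
    graph = {}
    for (a, b), ms in links.items():
        if a in pruned or b in pruned:
            continue
        graph.setdefault(a, {})[b] = ms
        graph.setdefault(b, {})[a] = ms
    return graph

def lowest_latency_path(graph, src, dst):
    """Dijkstra: return (latency_ms, path), or (None, []) if dst is unreachable."""
    queue, seen = [(0, src, [src])], set()
    while queue:
        cost, node, path = heapq.heappop(queue)
        if node == dst:
            return cost, path
        if node in seen:
            continue
        seen.add(node)
        for nxt, ms in graph.get(node, {}).items():
            if nxt not in seen:
                heapq.heappush(queue, (cost + ms, nxt, path + [nxt]))
    return None, []

def recover(links, alerts, deadline_ms, src="sensor", dst="controller"):
    """Prune every alerted node, then pick a new sensor-data path.

    Returns (action, path, latency_ms). 'fail_safe' (an assumption of this
    sketch) means no clean path meets the control deadline.
    """
    pruned = frozenset(alerts) - {src, dst}
    latency, path = lowest_latency_path(build_graph(links, pruned), src, dst)
    if latency is None or latency > deadline_ms:
        return "fail_safe", [], latency
    return "reroute", path, latency

if __name__ == "__main__":
    print(recover(LINKS, alerts=["s1"], deadline_ms=5))
    print(recover(LINKS, alerts=["s1", "s3"], deadline_ms=5))
```

The second call shows why recovery has to be judged against the control loop's timing: a clean path still exists, but its latency exceeds the assumed deadline, so rerouting alone would not keep the loop within its real-time bound.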

The new system was experimentally validated in a dedicated test bed, with positive results. Excited about the results of the study, Park states, “As CPSs are a vital technology for smart cities and unmanned transport systems, we anticipate our research to be critical in ensuring the efficiency and resilience of CPSs in different application areas.” Having a comprehensive scheme against cyberattacks ensures that economic damage and human injury will be avoided. This research therefore paves the way for a more stable future for both CPSs and ourselves.